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Pinpoint your most critical threats ana 


orioritize patching. 


Qualys Threat Protection is a cloud service 
that correlates external threat indicators 
against your internal vulnerabilities and IT 
asset data — letting you control evolving 
threats and identify what to remediate first. 


Between 30% and 40% of disclosed vulnerabilities, amounting 
to thousands per year, are rated “High” or “Critical.” Unable to 
fix them all, security teams must pinpoint which pose the 
highest risk to their organizations. This must be done quickly 
and precisely because hackers constantly try to exploit these 


known bugs. 


That’s where Qualys TP comes in. Qualys TP layers real time 
threat information on top of vulnerability detections, so that 
organizations can prioritize remediation across all of their 
assets and eliminate the most serious threats in their IT 
environment. This automated remediation prioritization is 
based on real time indicators such as vulnerabilities with public 
exploits and with active attacks. With Qualys TP’s automated 
and streamlined analysis, you’ll get a clear and continuously 
current picture of your threat landscape for effective and 


precise remediation. 
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Features 


Robust data analysis 


Threat Protection continuously correlates external threat information 
against your vulnerabilities and IT asset inventory, leveraging Qualys 
Cloud Platform’s robust back-end engine to automate this large-scale 
and intensive data analysis process. With thousands of vulnerabilities 
disclosed annually, you’ll always know which ones pose the greatest 


risk to your organization at any given time. 


The Live Feed 


As Qualys engineers continuously validate and rate new threats from 
internal and external sources, Threat Protections’s Live Threat 
Intelligence Feed displays the latest vulnerability disclosures and 
maps them to your impacted IT assets. You can see the number of 
assets affected by each threat, and drill down into asset details. 


Centralized control and visualization panel 


A single, dynamic dashboard includes customizable views, graphs and 
charts giving you a clear and comprehensive view of your threat 
landscape at a glance in real time. You can create multiple dashboard 
views, and break down vulnerabilities by real-time threat indicator 


(RTI) types, such as zero-day exploits. 


Powerful search function 


Threat Protection’s search engine lets you look for specific assets and 
vulnerabilities by crafting ad hoc queries with multiple variables and 
criteria. You can sort, filter, drill down and fine-tune results. Queries 
can be saved and turned into dashboard widgets, which can display 


trend graphs for up to 90 days. 


Automate and streamline your remediation prioritization 
orocess, and patch your most critical bugs before 


hackers exploit them 


Benefits 


No more vulnerability data overload 
A Grants you control over the constant stream of 


vulnerability disclosures 


Instant, comprehensive visibility 
Provides a continuously updated view of your IT 


assets and vulnerabilities 


r Automated, precise threat risk analysis 
Å- Eliminates guesswork and arbitrary remediation 


schedules 


Patching efficiency 
faa Saves you time and helps you make the best use of 


your remediation resources 
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Mesh your IT inventory data with threat 
information 


Threat Protection continuously correlates external threat data with 
vulnerability gaps in your IT environment, so your remediation 
prioritization decisions are rooted in concrete, up-to-date, applicable 
data, not in guesswork or arbitrary schedules. That way, you'll stay a 
step ahead of hackers, patching bugs before bad guys exploit them. 


© Leverages the comprehensive IT asset cataloging of Qualys Asset 
Inventory and the Six Sigma vulnerability detection accuracy of Qualys 
Vulnerability Management 


© Lets you prioritize remediation with precision and nimbleness in a 
continual, contextual and automated manner, so the constant stream of 
bug disclosures don’t overwhelm you 


Connects the dots and flags at-risk IT assets wherever they reside - on 
premises, in cloud environments or at mobile endpoints 


Helps improve the efficiency of DevOps teams by bringing threat 
prioritization clarity into the application development and deployment 
lifecycle 


© Gives you a dynamic snapshot of all the vulnerabilities that exist in your 
IT environment at any given moment 


Using actionable intelligence, allows you to assess how critical certain 
threat scenarios are in your organization’s specific context, since every 


IT environment is different 
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ThreatPROTECT Summary 
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Intel Active Management Technology (AMT) Privilege Escalation Vulnerability 
CVE-2017-5689: Intel Elevation Of Privilege Vulnerability 


PoC Exploit available for CVE-2017-0290 


Look for specific assets and vulnerabilities 


Threat Protection’s search engine gives you a powerful tool to look for 
specific assets and vulnerabilities. You can quickly and proactively 
identify systems across your entire environment exposed to specific 
threats, and take remediation steps right away. The search syntax is 
intuitive and the product has a query auto-complete feature. Threat 
Protection’s search engine lets you: 


© Craft ad hoc queries with multiple variables and criteria - such as asset 
class, vulnerability type, RTI, tag and operating system - so you can, for 
example, look for all vulnerabilities that have a severity rating of “5”, are 
easy to exploit and were disclosed within the last five days 


© Sort, filter and refine search results 
Save any search, download results and share them 


© Turn queries you run regularly into permanent dashboard widgets 
whose information is dynamically updated in real time 
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See a live feed of vulnerability disclosures 


Threat Protection’s Live Threat Intelligence Feed keeps organizations 
up to date on the latest vulnerabilities and news, so you’re informed 
about new disclosures and about existing bugs whose risk severity has 


increased. 


© Plugs into the fire hose of external vulnerability disclosures, so you’re 
aware of the latest threats out in the wild 


Displays how many of your IT assets are impacted by each disclosure, 
thanks to the product’s powerful data correlation capabilities. 


Segments its content into different columns, including one for “high 
rated” items Qualys flags and another one for your handpicked 
“favorites” that you can pin to the feed UI 


© Lets you click on feed entries and drill down into details and more 
granular information of a particular vulnerability and of the affected IT 
assets 


© Allows you to fine-tune and narrow down the feed list by filtering and 
sorting items according to a variety of criteria, and download that set 
for remediation teams 


Identify and weigh characteristics that 
intensify a vulnerability’s danger 


Threat Protection appends real-time threat indicators (RTIs) to 
vulnerabilities, tapping findings from Qualys and external sources. 
Combining this threat data with internal criteria, such as an asset’s 
role, helps you prioritize remediation. For example, you can see all 
RTIs for vulnerabilities on a host, and drill down to specific 
vulnerabilities behind an RTI. Threat Protection RTIs include: 


© ZERO DAY - Vulnerabilities for which there is no vendor patch available 
and for which an active attack has been observed in the wild 


PUBLIC EXPLOIT - Vulnerabilities whose exploit knowledge is well 
known and for which exploit code exists and is publicly available 


©) ACTIVELY ATTACKED - Vulnerabilities that are being actively attacked 
in the wild 


HIGH LATERAL MOVEMENT - Vulnerabilities that, if compromised, let 
the attacker propagate the attack broadly throughout the breached 
network 


© EASY EXPLOIT - Vulnerabilities that can be exploited easily, requiring 
few skills and little knowledge 


Q 


HIGH DATA LOSS - Vulnerabilities whose exploit will yield massive data 
loss 


© DENIAL OF SERVICE - Vulnerabilities whose payload could overload or 
crash the compromised systems so that they become permanently or 
temporarily unavailable 


NO PATCH - Vulnerabilities for which there isn’t a fix from the vendor 


MALWARE - Vulnerabilities associated with malware infection 
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EXPLOIT KIT - Vulnerabilities for which an exploit kit is available 


Centrally control and visualize the threat 
prioritization process 


Customizable dashboards with dynamic widgets help you see your 
threat landscape in a holistic, consolidated way. You can drill down on 
the data, mine it for patterns, slice and dice it, aggregate it in custom 
reports and represent it graphically. This visualization and analysis 
yields deep insights for patch prioritization. 


© Includes a view for the live feed, as well as a variety of widgets based 
on RTIs, in the default dashboard setup 


© Allows you to create customized dashboards tailored for different IT 
and business roles 


Lets you click through and access more information about the assets 
flagged as vulnerable 


© Allows you to create dashboard widgets manually or from any search 
query 


Lets you set specific thresholds for widget data, and trigger certain 
actions in response, such as the widget’s background color changing 
from green to red 


© Sends you notifications when used in conjunction with Qualys 
Continuous Monitoring 


Q 


Generates reports that you can quickly and easily share across the IT 
department with those responsible for patching the affected systems 


© Displays trend indicators in widgets, showing data fluctuations over 
time 
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Search for threat news feeds 
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Doublepulsar backdoor spreading rapidly 
in the wild 


Live Threat Intelligence Feed On April 14, 2017 — The 
mysterious hacking group ShadowBrokers released cyber 
spying tools allegedly employed by the U.S. National... 
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April 23, 2017 & 
EternalBlue SMB Exploit 


Live Threat Intelligence Feed The recent 
ShadowBroker public disclosure shed light on 
many exploits targeting various components of.. 
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PoC Exploit available for CVE-2017-0202 


An exploit for CVE-2017-0202 is now available from The Exploit-DB. 
Qualys has added QID(s) 100309 to detect this issue in your 
environment. Please check your ThreatPROTECT dashboard for... 


172 


Ch 6 days ago 
PoC Exploit available for CVE-2017-3587 
An exploit for CVE-2017-3587 is now available from The Exploit-DB 


Qualys has added QID(s) 370377 to detect this issue in your 
environment. Please check your ThreatPROTECT dashboard for 
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Powered by the Qualys Cloud Platform 
- the revolutionary architecture that powers 
Qualys’ IT security and compliance cloud apps 


Sensors that provide continous visibility Respond to threats immediately 
On-premises, at endpoints or in the cloud, the Qualys Cloud With Qualys’ Cloud Agent technology, there’s no need to 
Platform sensors are always on, giving you continuous 2-second schedule scan windows or manage credentials for scanning. 
visibility of all your IT assets. Remotely deployable, centrally And Qualys Continuous Monitoring service lets you proactively 
managed and self-updating, the sensors come as physical or address potential threats whenever new vulnerabilities appear, 
virtual appliances, or lightweight agents. with real-time alerts to notify you immediately. 

All data analyzed in real time See the results in one place, 

Qualys Cloud Platform provides an end-to-end solution, allowing a nyti me, a nywhere 


YOU GCS NE pepan Eomp exe ntar comen SELECT Qualys Cloud Platform is accessible directly in the browser, no 
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Ho obnakce y Renars abe) ciel aS E aCA Ly eia Oore Nae Cele interface for all its apps, it lets you customize dashboards, drill down 


in a scalable, state-of-the-art backend, and provisioning additional into details, and generate reports for teammates and auditors. 


cloud apps is as easy as checking a box. 


Cloud Platform Apps 


Qualys apps are fully integrated and natively share the data they collect for real-time 
analysis and correlation. Provisioning another app is as easy as checking a box. 


Vulnerability Patch Cloud Web Application Security Configuration Security Assessment 
MELAI aa Management Inventory Scanning Assessment Questionnaire 


ACR 
(C SA 


OJA 


Threat Indication of Cloud Security Web Application 
Protection Compromise Assessment Firewall 


Certificate Continuous Certificate Container Policy File Integrity 
Inventory Mceyalixelalare) Assessment Security Compliance MKeyarixe) alate] 


Request a full trial Cunlimited-scope) at 
qualys.com/trial 


It’s an out-of-the-box solution that’s centrally managed and self-updating. 
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